FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Cluster Development

 
 
LinkBack Thread Tools
 
Old 02-16-2010, 10:55 AM
"Fabio M. Di Nitto"
 
Default Upcoming changes to cluster releases

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi everybody,

I just landed a set of changes to improve our release process for cluster 3.

Here are the highlights:

- - tarballs will be released in both .gz and bz2 formats.
- - a Changelog-$VERSION will be available on the release area (same as
the one available in the announce emails).
- - a .sha256 file will also be available for each release to verify the
downloads.
- - for the more paranoid, the .sha256 file is signed with gpg (*).

As of today, we will _not_ update tarballs on the old
ftp://sources.redhat.com/pub/cluster/releases/

Please update your watchfiles to use:
https://fedorahosted.org/releases/c/l/cluster/

Cheers
Fabio

(*) In order to verify the release signature (example):

1) $ gpg --recv-keys 0x6CE95CA7

2) $ gpg --fingerprint 0x6CE95CA7
pub 4096R/6CE95CA7 2010-02-08
Key fingerprint = 746F 4C0C A8C2 B82E CC0A 6948 08C8 1B2C 6CE9 5CA7
uid Cluster Release Team <cluster-devel@redhat.com>

3) $ gpg --check-sigs 0x6CE95CA7
pub 4096R/6CE95CA7 2010-02-08
uid Cluster Release Team <cluster-devel@redhat.com>
sig!3 6CE95CA7 2010-02-08 Cluster Release Team
<cluster-devel@redhat.com>
sig! 63549F8E 2010-02-08 Fabio M. Di Nitto <fabbione@fabbione.net>
sig! 0B437A89 2010-02-08 Fabio M. Di Nitto <fabbione@fabbione.net>
sig! 4CF8CD0C 2010-02-08 Lon Hohberger <lhh@redhat.com>

The key will always carry only the UIDs of the release managers.

4) $ gpg --verify cluster-3.0.8.sha256.asc cluster-3.0.8.sha256
gpg: Signature made Tue Feb 16 12:37:42 2010 CET using RSA key ID 6CE95CA7
gpg: Good signature from "Cluster Release Team <cluster-devel@redhat.com>"

Generally, step 1 to 3 are required only for a first time setup.

Please always consult any extensive gpg how to for more information.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLeoehAAoJEFA6oBJjVJ+OjA8P/iFhMjdVGYs/GUo0j/RSNzl+
a46BVyMzE/H6lPUDBZkyopuFNM0fgdMzHC5KNKcNyjO4gyVVp3/w16VoGjCfOzzk
mmEFq4xr8XOfgUzYoRvRHVVn4zOFHLQlwQ+sw7zlZGbQXZiUP/ffiL4czeSZnztS
0S1uHkMSykZpMq0fAYPBFmf9ipsN3QQzIjL069e1ZYE5TqoZFV E8L9qV5MA92MSP
Q+UAYUzRY7rsEguzCiM2oay/Xgi1cymYKQoUXEopRlPnebP/84Ntylkr5/w4mDqp
E2uFT1DOmFCR6EdcVpMrGSbqgeaq3IfM5otJIm8jwfzHqI9FkX M4onCKYv2ww+11
/aAzTz4Zdu66wPBfBghk/AsuIMsOLFgyqoWZYobswrAWaqJhHtfRy/OXE5G4Mt8+
mJEOiR9e1AqPvrwuvKfkNu1CysDNUzGBIc8nm7JXY7qjRjpd1q/+CKPJHj98/S/g
M0DkhCyfYh/oaDDC58RBzP1h3aKmFIRQ0AibvrQs6LHwWnfMznZ0kKENXvwXh V2A
qSHr0oLKEGClBYkr/7VXkzJxwqOntVz6R6NT/t6RO6e+v6zimqYLYNpi+jj2YFgU
6W+XgYTi9MkmibI4lsopDX1iz7rVw9VujFanH0KnOtO94lteGg kqEmJzLXH1vYyM
PZbO0x46MKn6xy0Ozf95
=tdgO
-----END PGP SIGNATURE-----
 

Thread Tools




All times are GMT. The time now is 01:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org